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DETAILED ACTION 
Response to Amendment 

1 . This office action is in response to amendment filed on 1 1/05/03 (Paper No. 13). Original 
application contained Claims 1-77. Applicants also have made the appropriate adjustment to 
Claims 58 to overcome claim objection as identified in previous office action (Paper No. 12). 
The amendment filed on 1 1/05/03 have been entered and made of record. Therefore, presently 
pending claims are 1-77. 

Response to Arguments 

2. Applicant's arguments filed 1 1/05/03 have been fully considered but they are not 
persuasive because of following reasons. 

Applicant argued, in reference to claim 1, 11, 19, 32, and 35, 56, "there is no teaching or 
suggestion in the cited portions of the reference of the claimed software identity register". This is 
not found persuasive due to the new grounds of rejection. The examiner defines a software 
identity register as a register that stores the identity of related software. A register is a high- 
speed memory within a microprocessor used to hold data. Barr discloses a password that is 
encrypted and stored in a secure location. The secure location is memory and therefore 
performs the same function as the register of the software identity register in storing the data. In 
combination with Arbaugh calculating the cryptographic hash that represents the operating 
system and therefore identifies the operating system. The hash is stored in the secure location, 
thus making the secure location perform the function of the identity register. 

The applicant argued further, "Further, with regard to Claim 3, Barr does not teach or 
suggest "the software identity register contains the identity of the operating system and in an 
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event that the atomic operation fails to complete correctly the software identity register contains 
a value other than the identity of the operating system" as claimed." This is not found persuasive 
due to the new grounds of rejection. Arbaugh discloses a system that verifies the kernel 
(operating system) by calculating the cryptographic hash of the operating system level (page 4 
section 3.2. 1 paragraph 2 in combination with section 3.2.2 paragraph 4). The cryptographic 
hash is the identity of the operating system since it is used to verify the integrity of the operating 
system. 

The applicant argued further, in reference to claims 43, 52-54, 69, and 73, "Barr does not 
teach or suggest a subscriber unit to form an OS certificate containing the identity from a 
software identity register." This is not found persuasive due to the new grounds of rejection. 
Arbaugh discloses a system that calculates digital certificates for the verification of the software 
(Arbaugh page 4 section 3.2.1 paragraph 1) 

The applicant argued further, in reference to claim 76, "the reference does not describe a 
software identity register being signed using a private key of a private key/public key pair, as 
claimed." This is not found persuasive due to the new grounds of rejection. The Arbaugh 
reference disclose the availability of public key certificates for determining the integrity of the 
levels of software, this suggests signing the memory storing the identity of the operating system 
using the stored information for determining the integrity. 

The examiner asserts that the prior art does teach or suggest the subject matter broadly 
recited in independent Claims 1,3,11, 19, 22, 32, 35, 42, 43, 52-56, 69, 73, and 76. Dependent 
Claims 2, 4-10, 12-18, 20-21, 23-31, 33-34, 36-41, 44-51, 57-67, 70-72, 74-75, and 77 are also 
rejected at least by virtue of their dependency on independent claims and by other reason set 
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forth in this office action (Paper No. 14). Accordingly, rejections for claims 1-77 are respectfully 
maintained. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3 Claims 1-4, 7, 9-12, 15, 17-19, 22, 25, 32, 30, 35, 40, 41, 43-54, 56-58, 69, 73, and 76 

are rejected under 35 U.S.C. 103(a) as being unpatentable over Barr in view of Arbaugh and 
Angelo (5,944,821). 

4. In reference to claim 7, Barr discloses a computer system having a central processing unit 
(CPU, Fig. 1 20) and an operating system (OS, Fig. 1 35), the CPU having a software identity 
register (column 7 lines 59-63). The examiner defines a software identity register as a register 
that stores the identity of related software. A register is a high-speed memory within a 
microprocessor used to hold data. Barr discloses a password that is encrypted and stored in a 
secure location. The secure location is memory and therefore performs the same function as the 
register of the software identity register. 

5. However, Barr does not expressly disclose computing a cryptographic function of at least 
a portion of the operating system and setting the software identity register to a result of the 
computed cryptographic function. 
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6. Arbaugh discloses a system that verifies the kernel (operating system) by calculating the 
cryptographic hash of the operating system level (page 4 section 3.2. 1 paragraph 2 in 
combination with section 3.2.2 paragraph 4). The cryptographic hash is the identity of the 
operating system since it is used to verify the integrity of the system 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to calculate the cryptographic hash of the operating system as in Arbaugh in the 
system of Barr. One of ordinary skill in the art would have been motivated to do this because 
calculating the cryptographic hash function is used to calculate the integrity of a function a 
system is then said to posses integrity, without integrity no system can be made secure (Arbaugh 
Introduction). 

Furthermore Angelo discloses setting the software identity register to a result of the 
computed cryptographic function (Fig. 3 and Fig. 4). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to store the result of the computed cryptographic function in the hash table as in 
Angelo in the system of Barr. One of ordinary skill in the art would have been motivated to do 
this because the user may desire to update the hash table (column 10 lines 53-58). 

7. In reference to claim 2, Barr discloses further a method comprising defining a secure 
storage space, access to which is based in part on the result set in the software identity register 
(column 7 lines 59-63). 

8. In reference to claims 3 and 77, In a computer system having a central processing unit 
(CPU) and an operating system (OS), the CPU having a software identity register (column 9 



Application/Control Number: 09/266,207 Page 6 

Art Unit: 2131 

lines 63-67). The examiner defines a software identity register as a register that stores the 
identity of related software. A register is a high-speed memory within a microprocessor used to 
hold data. Barr discloses a password that is encrypted and stored in a secure location. The 
secure location is memory and therefore performs the same function as the register of the 
software identity register. 

However Barr does not expressly disclose setting the identity of the operating system into 
the software identity register of the CPU wherein the when the operation completes correctly the 
software identity register contains the identity of the operating system and in an event that the 
operation fails to complete correctly the software identity register contains a value other than the 
identity of the operating system and examining the content of the software identity register to 
verify the identity of the operating system. 

9. Arbaugh discloses a system that verifies the kernel (operating system) by calculating the 
cryptographic hash of the operating system level (page 4 section 3.2. 1 paragraph 2 in 
combination with section 3.2.2 paragraph 4). The cryptographic hash is the identity of the 
operating system since it is used to verify the integrity of the operating system. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to calculate the cryptographic hash of the operating system as in Arbaugh in the 
system of Barr. One of ordinary skill in the art would have been motivated to do this because 
calculating the cryptographic hash function is used to calculate the integrity of a function a 
system is then said to posses integrity, without integrity no system can be made secure (Arbaugh 
Introduction). 



Application/Control Number: 09/266,207 Page 7 

Art Unit: 2131 

10. In addition, Angelo discloses a system wherein in an event that the atomic operation 
completes correctly, the software identity register contains the identity of the operating system 
(column 10 lines 16-28) and in an event that the atomic operation fails to complete correctly, the 
software identity register contains a value other than the identity of the operating system; and 
examining a content of the software identity register to verify the identity of the operating system 
(column 10 lines 39-65). The hash value can be deleted; this would be setting the value to 
something other than the correct hash value. The user is also given a choice to update the value 
and put in a value that is different from the correct hash value. 

11. At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to update the hash value as described by Angelo in the system described by Barr. 
One of ordinary skill in the art would have been motivated to do this because trusted software 
may become vulnerable to attack and can no longer be relied upon to perform the trusted 
operation, recalculating the hash value and updating the hash table will revalidate the trusted 
software or reconfigure the integrity assessment (Angelo column 4 lines 17-24). 

12. In reference to claims 4, 9, 10, 12, 17, 18, and 72, the identity comprises a public key of a 
correctly signed block of code from the operating system, and examining a content of the 
software identity register comprises verifying a signature of the signed block of code against the 
public key (Barr column 9 lines 50-55 in combination with Fig. 7A). 

13. In reference to claims 19, 26, 41, 44,46, 47, and 75, Barr suggests a computer system 
having a central processing unit (CPU) and an operating system (OS), 

14. However, Barr does not expressly disclose having a pair of private and public keys and a 
software identity register that holds an identity of the operating system. Creating an identity of 
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the OS containing the identity from the software identity register and signing the OS certificate 
using the CPU private key. 

15. Arbaugh discloses a system that verifies the kernel (operating system) by calculating the 
cryptographic hash of the operating system level (page 4 section 3.2.1 paragraph 2 in 
combination with section 3.2.2 paragraph 4). The cryptographic hash is the identity of the 
operating system since it is used to verify the integrity of the operating system. Arbaugh also 
teaches the use of digital signatures and public key certification, therefore the use of private and 
public keys (page 4 section 3.2.1 paragraph 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to calculate the cryptographic hash of the operating system as in Arbaugh in the 
system of Barr. One of ordinary skill in the art would have been motivated to do this because 
calculating the cryptographic hash function is used to calculate the integrity of a function a 
system is then said to posses integrity, without integrity no system can be made secure (Arbaugh 
Introduction). 

16. In addition, Angelo discloses a system wherein in an event that the atomic operation 
completes correctly, the software identity register contains the identity of the operating system 
(column 10 lines 16-28) and in an event that the atomic operation fails to complete correctly, the 
software identity register contains a value other than the identity of the operating system; and 
examining a content of the software identity register to verify the identity of the operating system 
(column 10 lines 39-65). The hash value can be deleted; this would be setting the value to 
something other than the correct hash value. The user is also given a choice to update the value 
and put in a value that is different from the correct hash value. 
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17. At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to update the hash value as described by Angelo in the system described by Barr. 
One of ordinary skill in the art would have been motivated to do this because trusted software 
may become vulnerable to attack and can no longer be relied upon to perform the trusted 
operation, recalculating the hash value and updating the hash table will revalidate the trusted 
software or reconfigure the integrity assessment (Angelo column 4 lines 17-24). 

18. In reference to claims 7, 15, 22, 25, 30, 31, 32, 34, 35, 38, 40, 43, 45, 48-54, 56-58, 69, 
73, and 76, Barr suggests method for establishing a chain of trust between a subscriber unit and a 
content provider, the subscriber unit having a central processing unit (CPU) and an operating 
system (OS), the CPU having a pair of private and public keys (column 9 lines 10-24), a 
manufacturer certificate supplied by a manufacturer of the CPU (column 9 lines 50-55), and a 
software identity register that holds an identity of the operating system (column 9 lines 10-23), 
the method comprising: submitting a request from the subscriber unit to the content provider, the 
request specifying a particular content (Fig. 7A); generating, at the content provider, a challenge 
nonce (Fig. 7A); returning the challenge nonce from the content provider to the subscriber unit 
(Fig. 7A); forming, at the subscriber unit, an OS certificate containing the identity from the 
software identity register, information describing the operating system, the challenge nonce, and 
the CPU public key and signing the OS certificate using the CPU private key (column 9 lines 10- 
23); passing the OS certificate and the CPU manufacturer certificate from the subscriber unit to 
the content provider (column 9 lines 50-55); and evaluating, at the content provider, the OS 
certificate and the CPU manufacturer at the content provider to determine whether to reject or 
fulfill the request (column 9 lines 50-55 in combination with column 8 lines 17-24). The 
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examiner defines a software identity register as a register that stores the identity of related 
software. A register is a high-speed memory within a microprocessor used to hold data. Barr 
discloses a password that is encrypted and stored in a secure location (column 7 lines 59-67). 
The secure location is memory and therefore performs the same function of storing data as the 
register of the software identity register. The speed with which the data is to be retrieved 
depends on the design. 

Barr does not expressly disclose the software identity being calculated and stored. 

19. Arbaugh discloses a system that verifies the kernel (operating system) by calculating the 
cryptographic hash of the operating system level (page 4 section 3.2.1 paragraph 2 in 
combination with section 3.2.2 paragraph 4). The cryptographic hash is the identity of the 
operating system since it is used to verify the integrity of the operating system. Arbaugh also 
teaches the use of digital signatures and public key certification, therefore the use of private and 
public keys (page 4 section 3.2. 1 paragraph 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to calculate the cryptographic hash of the operating system as in Arbaugh in the 
system of Barr. One of ordinary skill in the art would have been motivated to do this because 
calculating the cryptographic hash function is used to calculate the integrity of a function a 
system is then said to posses integrity, without integrity no system can be made secure (Arbaugh 
Introduction). 

20. In addition, Angelo discloses a system wherein in an event that the identity of the 
operating system is stored in the form of a hash value in a hash table (column 10 lines 16-28). 
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21. At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to update the hash value as described by Angelo in the system described by Barr. 
One of ordinary skill in the art would have been motivated to do this because trusted software 
may become vulnerable to attack and can no longer be relied upon to perform the trusted 
operation, recalculating the hash value and updating the hash table will revalidate the trusted 
software or reconfigure the integrity assessment (Angelo column 4 lines 17-24). 

22. In reference to claim 36, the identity comprises a digital signature on a block of code 
from the operating system (column 6 lines 37-39). 

23. Claims 5, 13, 33, and 37 are rejected as in rejection for claims 3,11, 32, and 35. 

Barr does not expressly disclose the operating system's identity comprising a hash digest 
of a block of code from the operating system, and examining a content of the software identity 
register comprises hashing the block of code. 

Angelo discusses a hash value generated by an integrity assessment code that is specific 
to a given software application although the disclosed embodiment of the invention utilizes a 
hash table 206 containing hash values generated by a secure hash algorithm 208, it is 
contemplated that many types of modification detection codes could be utilized. Of importance 
to the invention is that each piece of software to be tracked has a corresponding and fairly 
unique value that represents the unaltered state of the software, and that this value be stored in a 
secure memory location (Fig. 3). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to calculate the hash value as an identity and examine the software integrity using 
the hash value as disclosed by Angelo in the system disclosed by Barr. One of ordinary skill in 
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the art would have been motivated to do this because it is intended to be computationally 
infeasible to modify data so as to preserve a specific modification detection code value. 
24. In reference to claim 33, wherein forming a generator key and generating a storage key 
comprises creating a storage key SK using the formula SK = SHA(CPU-specific secret, OS- 
specific data, seed). Angelo suggests the calculation of a hash value from a hash algorithm (Fig. 
2 in combination with Fig. 3). 

25 Claim 6, 8, 14, 16, 21, 23, 24, 39, 42, 55, and 59-62, and 71 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Barr, Arbaugh, and Angelo as applied to claims 3, 1 1, 
19, 22, and 35 respectively above, and further in view of Sadowsky et al (6,230,285 Bl). 

26. In reference to claims 6, 8, 14, 16, 24, 39, 42, 55, 59-62, Barr does not expressly disclose 
maintaining a boot log. 

Sadowsky discloses maintaining a boot log (Fig 4). Further Sadowsky suggest the boot 
file comprising appending at least a portion of the identity to a boot log (column 4 lines 65 and 
66). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to append the identity to the boot log of Sadowsky in the system of Barr. One of 
ordinary skill in the art would have been motivated to do this because it will show the cause of 
boot failure (column 5 lines 12-15). 

27. In reference to claims 21, 23, and 71, the method wherein creating an identity of the OS 
comprises forming the OS certificate with one or more items from a boot log containing 
identities of software components that are executing on the CPU. The boot log discussed by 
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Sadowsky contains information such as the device driver and executables (column 4 lines 65 and 
66). This information is shared with the certificate information suggested by Ban*. 

28. Claims 63-68, 74, and 77 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Barr, Arbaugh, and Angelo as applied to claims 19, 56, 73, and 76 above, and further in view of 
LeBourgeois (6,026,166). 

29. In reference to claims 63 and 64, Barr does not expressly disclose the certificate 
containing the identities of the device drivers. 

LeBourgeois discloses the digital certification method where the signature is dependent 
on the user identity (column 3 lines 54-57). In this case the user would be the device driver of 
the CPU. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to bind the identification of the device drive to the signature of the certificate as in 
LeBourgeois in the system of Barr. One of ordinary skill in the art would have been motivated 
to do this because it is useful in ensuring that digital products are authorized for use on only one 
machine (column 3 lines 21-23). 

30. In reference to claim 65 and 66, LeBourgeois further discloses submitting, by the user 
computer, a request to the third party (the certificate server) for access to specific content; 
evaluating, by the third party, whether to permit access based on the level of trust associated with 
the user computer (Fig. 3B). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to send the request to a certificate server for access to specific content as disclosed 
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by LeBourgeois in the system of Barr. One of ordinary skill in the art would have been 
motivated to do this because the certificate server will prevent an imposter from creating a 
message purportedly from the original sender (column 1 lines 22-59) 

31. In reference to claims 67 and 68, the access comprises transmitting, from the third party 
(the certificate server), a storage key for the specific content to the user computer through the 
secure connection (the connection between the merchant and the certificate server), wherein the 
specific content was previously stored on the user computer (Fig 3A and 3B). The specific 
content was obtained outside the secure connection (the user system; Fig. 3A). 

32. In reference to claims 20, 70, 74, and 77, LeBourgeois further suggests submitting the 
signed software identity register (the identity of the user) over a network to a third party to prove 
an identity of the operating system to the third party (Fig 3A and Fig. 3B). 

33. Claims 27-29 are rejected under 35 U.S.C. 103(a) as being unpatentable over Barr, 
Arbaugh, and Angelo as applied to claim 22 above, and further in view of Barlow et al (6, 038, 
551). 

Barr discloses the use of certificates for the operating system, however does not expressly 
disclose the use of a manufacturing certificate. 

Barlow discloses the use of a manufacturing certificate to verify the manufacturer and 
therefore whether to trust the manufacturer (column 8 line 66 to column 9 line 20). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to compare the manufacturer certificate and the operating system 
certificate. One of ordinary skill in the art would have been motivated to do this because to 
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prevent possible covert attacks from malicious software applications which attempt to gain 
unauthorized access to resources on the IC card (column 8 line 66 to column 9 line 3). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W Klimach whose telephone number is (703) 305-8421. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (703) 305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-4832. 

PWK 

Thursday, January 22, 2004 
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